Identity security company SailPoint Technologies Inc. today rolled out a range of platform and cloud enhancements aimed at giving enterprises unified, real-time control over humans, machines and autonomous artificial intelligence agents.

The updates, announced at the company’s Navigate 2025 conference, combine SailPoint’s long-term platform vision with Atlas, the product foundation that underpins it and new SailPoint Platform capabilities with practical Identity Security Cloud improvements that tighten governance across non-employees, machines and application connectivity.

At the core of the announcements today was the SailPoint Platform, a company’s identity-first, data-first architecture that folds AI into decisions, analyses and actions so identity becomes the control plane for security in an agentic world.

As part of its platform, SailPoint today introduced Agent Identity Security, a purpose-built solution designed to address the explosion of nonhuman identities. With the new offering, users can discover, certify and govern AI agents down to the entitlement level by assigning owners, enforcing permissions and tying agent behavior directly to the data they access.

The company said AIS also helps prevent sensitive data from being exfiltrated by rogue agents or inadvertently exposed to large language models.

To support agent-safe operations, SailPoint is debuting its Model Context Protocol Server, an identity security product designed specifically for AI-driven access requests. MCP Server lets agents make identity actions via SailPoint application programming interfaces while preserving governance, audit trails and compliance guardrails.

Atlas, which underpins the SailPoint Platform, has also been upgraded to Atlas Enterprise to bring dynamic security orchestration, a shared signals framework and adaptive approvals to customers, allowing approval paths and governance workflows to change dynamically based on real-time risk and business context.

For visibility and data control, core themes of the release, SailPoint has debuted Observability & Insights, which provides graph-based intelligence to map identity relationships and access paths to make it easier to visualize who, or what, can reach a given entitlement and to prioritize remediation. The company has also expanded its Data Access Security offering to cover structured data through a Snowflake integration, allowing centralized identity-aware visibility and the ability to certify data access for both users and agents.

Combined, O&I and DAS are designed to eliminate blind spots where agents, services or orphaned accounts could otherwise create data leakage or compliance risk.

SailPoint also previewed its roadmap for real-time control. Privilege Security Posture Management automates privilege classification and least-privilege enforcement. Real-time Authorization evaluates access requests against dynamic contextual signals. And Real-time Threat Defense & Remediation detects and contains identity-driven threats.

Identity Security Cloud

Along with announcements for SailPoint Platform, the company also today announced a range of practical cloud-focused updates to Identity Security Cloud.

Non-Employee Risk Management now integrates with Microsoft Entra Verified ID for verifiable credentials and biometric-backed onboarding for the extended workforce, with bulk approvals, attribute sync and direct role provisioning to speed governance of contractors and third parties.

SailPoint’s machine identity governance has received an upgrade with updates that include multihost classification, explicit machine subtypes such as service accounts, bots and shared accounts, centralized entitlement views, and support for multiple owners and succession plans to prevent orphaned accounts. The upgrades are designed to make machine accounts discoverable, certifiable and accountable at large scale.

On the admin and lifecycle side, SailPoint has debuted hygiene improvements that will matter to day-to-day operations, with an aim to reduce standing privileges and cut manual toil. The improvements include custom users for named role-based controls, as well as a PTA PowerShell Script capability to delegate sensitive tasks safely to nonprivileged operators. There’s also parameter storage embedded into Atlas, to reduce dependence on separate privileged access tools, plus time-bound access, automated account deletion support, and rename/move reconciliation to close common reconciliation gaps.

Finally, SailPoint didn’t ignore connectivity and integration, announcing expanded deep connectors and platform interoperability for SAP GRC Firefighter, BeyondTrust, MacOS password reset and JDBC for low-code provisioning. The company also introduced VA clustering so services like DAS and Privilege Gateway can run together efficiently.

SailPoint pitched the announcements as a necessary pivot away from legacy, siloed governance toward an adaptive identity model that unifies identity, security and data.

“This new reality requires an adaptive identity model — a modern approach that unifies identity, security and data to deliver continuous, contextual protection,” said Chandra Gnanasambandam, executive vice president of product and chief technology officer of SailPoint. “Unlike static, siloed tools built for yesterday’s environment, the SailPoint Platform sets a new standard, delivering identity security that is unified, intelligent and adaptive by design.”

Image: SailPoint